Files
D1041231084_WebGis_GeoPoverty/api/laporan.php
T
2026-06-11 21:20:59 +07:00

151 lines
5.9 KiB
PHP

<?php
// ============================================================
// api/laporan.php — CRUD & Approval Laporan Masyarakat
// ============================================================
require_once __DIR__ . '/config.php';
$method = $_SERVER['REQUEST_METHOD'];
$db = getDB();
// ── POST: Submit laporan publik baru (Tanpa Login) ──────────
if ($method === 'POST') {
$d = body();
if (empty($d['nama'])) jsonError('Nama warga yang dilaporkan wajib diisi.');
if (empty($d['kelurahan_id'])) jsonError('Kelurahan wajib dipilih.');
if (empty($d['keterangan'])) jsonError('Keterangan kondisi wajib diisi.');
// Generate No. Laporan: RPT-YYYY-XXXX (cth: RPT-2026-001)
$year = date('Y');
// Lock table / select max count for transaction safety
$stmtCount = $db->prepare("SELECT COUNT(*) FROM laporan WHERE YEAR(created_at) = ?");
$stmtCount->execute([$year]);
$count = $stmtCount->fetchColumn();
$nextNo = $count + 1;
$noLaporan = "RPT-" . $year . "-" . str_pad($nextNo, 3, '0', STR_PAD_LEFT);
// Pastikan no_laporan benar-benar unik
$stmtCheck = $db->prepare("SELECT COUNT(*) FROM laporan WHERE no_laporan = ?");
$stmtCheck->execute([$noLaporan]);
if ($stmtCheck->fetchColumn() > 0) {
$noLaporan = "RPT-" . $year . "-" . str_pad($nextNo + 1, 3, '0', STR_PAD_LEFT);
}
$stmt = $db->prepare(
"INSERT INTO laporan (no_laporan, nama_pelapor, hp_pelapor, nama_dilaporkan, nik,
kelurahan_id, kategori, jumlah_anggota, penghasilan, keterangan,
lat, lng, status, tgl_laporan)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'menunggu', CURRENT_DATE())"
);
$stmt->execute([
$noLaporan,
$d['pelapor'] ?? null,
$d['hp'] ?? null,
$d['nama'],
$d['nik'] ?? null,
$d['kelurahan_id'],
$d['kategori'] ?? 'miskin',
$d['jumlah_anggota'] ?? 1,
$d['penghasilan'] ?? 0,
$d['keterangan'],
$d['lat'] ?? null,
$d['lng'] ?? null
]);
$lapId = $db->lastInsertId();
jsonOk(['id' => $lapId, 'no' => $noLaporan], 'Laporan berhasil dikirim');
}
// Laporan read/update butuh autentikasi
$user = requireAuth();
// ── GET: List semua laporan ──────────────────────────────────
if ($method === 'GET') {
$rows = $db->query(
"SELECT l.id, l.no_laporan AS no, l.nama_pelapor AS pelapor, l.hp_pelapor AS hp,
l.nama_dilaporkan AS nama, l.nik, l.kategori, l.jumlah_anggota AS jml,
l.penghasilan AS ph, l.keterangan AS ket, l.lat, l.lng, l.status,
l.tgl_laporan AS tgl, l.created_at, k.id AS kelurahan_id, k.nama AS kel, k.kecamatan
FROM laporan l
LEFT JOIN kelurahan k ON l.kelurahan_id = k.id
ORDER BY l.created_at DESC"
)->fetchAll();
jsonOk($rows);
}
// ── PUT: Approve atau Reject laporan ──────────────────────────
if ($method === 'PUT') {
requireEdit();
$id = getParam('id');
$action = getParam('action'); // 'approve' atau 'reject'
if (!$id) jsonError('ID laporan wajib disertakan.');
if (!in_array($action, ['approve', 'reject'])) jsonError('Aksi tidak valid.');
$db->beginTransaction();
try {
// Ambil data laporan
$stmtLap = $db->prepare("SELECT * FROM laporan WHERE id = ?");
$stmtLap->execute([$id]);
$lap = $stmtLap->fetch();
if (!$lap) jsonError('Laporan tidak ditemukan.');
if ($lap['status'] !== 'menunggu') jsonError('Laporan sudah diproses sebelumnya.');
if ($action === 'reject') {
$stmtUp = $db->prepare("UPDATE laporan SET status = 'ditolak', tgl_proses = CURRENT_TIMESTAMP() WHERE id = ?");
$stmtUp->execute([$id]);
$db->commit();
jsonOk(null, 'Laporan ditolak');
}
if ($action === 'approve') {
// 1. Tambahkan ke tabel warga
$stmtWarga = $db->prepare(
"INSERT INTO warga (nama, nik, kelurahan_id, lat, lng, kategori, jumlah_anggota,
penghasilan, tgl_lahir, pendidikan, keterangan, status, pelapor, no_laporan)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, NULL, '', ?, 'aktif', ?, ?)"
);
$stmtWarga->execute([
$lap['nama_dilaporkan'],
$lap['nik'],
$lap['kelurahan_id'],
$lap['lat'] ?? -0.0230,
$lap['lng'] ?? 109.3420,
$lap['kategori'],
$lap['jumlah_anggota'] ?? 1,
$lap['penghasilan'] ?? 0,
$lap['keterangan'] . ' (Laporan: ' . $lap['no_laporan'] . ')',
$lap['nama_pelapor'],
$lap['no_laporan']
]);
$wargaId = $db->lastInsertId();
// 2. Tambahkan KK sebagai anggota keluarga pertama
$stmtAnggota = $db->prepare(
"INSERT INTO anggota_keluarga (warga_id, nama, usia, hubungan)
VALUES (?, ?, 0, 'Kepala Keluarga')"
);
$stmtAnggota->execute([$wargaId, $lap['nama_dilaporkan']]);
// 3. Update status laporan menjadi disetujui & tautkan warga_id
$stmtUp = $db->prepare(
"UPDATE laporan
SET status = 'disetujui', warga_id = ?, approved_by = ?, tgl_proses = CURRENT_TIMESTAMP()
WHERE id = ?"
);
$stmtUp->execute([$wargaId, $user['id'], $id]);
$db->commit();
jsonOk(['warga_id' => $wargaId], 'Laporan disetujui dan warga berhasil ditambahkan');
}
} catch (Exception $e) {
$db->rollBack();
jsonError('Gagal memproses laporan: ' . $e->getMessage(), 500);
}
}
jsonError('Method tidak valid', 405);